Odysseus

Having a strong, reliable anonymous network layer is a vital element in building a privacy enhancing identity management system. If the network layer is not anonymous, colluding parties can link information and form profiles of a user based on their network address. The concept of an anonymous network, in its current incarnation, has existed for nearly 20 years. This mix network where network traffic is routed through a number of nodes with random delay and random routes provides good anonymity for high latency communications. However, for low latency communications, such as VOIP, SSH, Gaming etc. such networks cannot provide the same level on anonymity. The problem lies in the ability to analyse the extremely regular traffic patterns of a low latency network stream. By identifying the characteristics of a stream going into an anonymous network and examing the streams leaving the network, it is possible to link the ingoing stream with an outoing one. Introducing timing delays is not viable for a low latency system that needs to offer guaranteed QoS.

Whilst such attacks against anonymous network are theorised and there has been some investigative work into traffic pattern analysis, there are little or no examples of such attacks on real world anonymity systems. The problem in performing such attacks is that they require vast amounts of resources, typically only available to a 'global adversary', one who can examine traffic flows throughout the internet. examples of global adversaries would be tier 1 ISPs or government level bodies. However, a common technique in computer science to overcome such problems, is to reduce a complex problem to its' fundamentals and then build an analytical model or simulation of this fundamental. It is possible to capture the major characteristics of the problem with such systems and perform experiments that may otherwise prove intractable. Taking the current, most advanced anonymous network, TOR, and building a discrete event based simulation of it will allow us to perform various traffic analysis attacks. Furthermore, by running the simulation on parallel computing platforms, we can scale the simulation to potentially Internet proportions and perform otherwise untenable attacks. We can vary the parameters of the network and determine the optimal values for offering the best comprimise between anonymity and QoS.

We will require an intelligent and capable student, familiar with C/C++ programming, and preferably an interest in security and anonymity. Such a student will learn the basics of discrete event based simulation (through the network simulator omnet++), anonymous networks and some statistical analysis.

Relevance of Project to the Host Laboratories:

This project work will form part of IDMAN, an SFIfunded basic research project on identity management.

Supervisors:

Dr Stephen Blott (Computing, DCU)

Keywords:

Anonymous networks, identity management, security.